Keylogger

Sec+ Glossary 📖 • Threats ⚠️ • Security+ 02 • Difficulty: free

What is Keylogger?

A keylogger is a type of spyware that records what a user types, with the goal of capturing sensitive information such as usernames, passwords, messages, and payment details. Keyloggers can be software-based or hardware-based, and they often try to operate quietly to avoid detection.

Examples

A phishing attachment installs a keylogger that captures logins to email and banking sites.
A hardware keylogger is plugged between a keyboard and a computer to record keystrokes in a shared office.

Discover 🔎

Keyloggers target something simple but powerful: what you type. Passwords, one-time codes, private messages, and search queries often pass through the keyboard. If an attacker can capture keystrokes, they can steal access to accounts and gather sensitive information without needing to break encryption. This is why keyloggers are common in credential theft campaigns.

Remember: A keylogger can steal secrets before they are protected. If it captures input as you type, encryption later in the process does not help.

Summary 📝

A keylogger is spyware that records what a user types to steal credentials and sensitive information. It can be software-based, delivered through phishing or trojans, or hardware-based, requiring physical access. Defending against keyloggers involves preventing untrusted software, using endpoint monitoring, and responding quickly by securing affected accounts and cleaning or rebuilding compromised devices.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.